Binary webshell through OPcache in PHP 7

28 April 2016
/ Security
/ By Jan Reilink

GoSecure wrote up a new PHP exploitation technique using the default OPcache engine from PHP 7. Using this attack vector, it’s possible to bypass certain hardening techniques that disallow the file write access in the web directory. This could be used by an attacker to execute his own malicious code in a hardened environment.

This new PHP 7 OPcache attack vector is an additional exploitation technique tailored to specific hardened environments. It is not a universal vulnerability affecting PHP applications. With the arrival of PHP 7.0 in major distributions such as Ubuntu 16.04, this attack vector reinforces even more the need to audit your code for file upload vulnerabilities and to be wary of potentially dangerous server configuration.

Read the full article at GoSecure’s blog: Binary Webshell Through OPcache in PHP 7.

Show your support

If you want to step in to help me cover the costs for running this website, that would be awesome. Just use this link to donate a cup of coffee ($5 USD for example). And please share the love and help others make use of this website. Thank you very much!

About the Author Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, websites & optimization.

follow me on:

02 Mar, 2018

Fatal error: Uncaught Error: [] operator not supported for strings – PHP 7.1

19 Oct, 2016

Clear PHP opcode caches before WordPress Updates: ease the updating process

31 Aug, 2016

How to optimize your WordPress hosting – 9+ practical tips

31 Jul, 2015

How to optimize PHP OPcache configuration

19 Aug, 2014

Custom PHP version on IIS Express and WebMatrix 3

29 Jun, 2014